Title :
A framework for multiple authorization types in a healthcare application system
Author :
Chandramouli, Ramaswamy
Author_Institution :
Comput. Security Div., Nat. Inst. of Stand. & Technol., Gaithersburg, MD, USA
Abstract :
In most of the current authorization frameworks in applications systems, the authorization for a user operation is determined using a static database like ACL entries or system tables. These frameworks cannot provide the foundation for supporting multiple types of authorizations like emergency authorizations, context-based authorizations etc., which are required in many vertical market systems like healthcare application systems. We describe a dynamic authorization framework which supports multiple authorization types. We use the acronym DAFMAT (Dynamic Authorization Framework for Multiple Authorization Types) to refer to this framework. The DAFMAT framework uses a combination of role-based access control (RBAC) and dynamic type enforcement (DTE) augmented with a logic-driven authorization engine. The application of DAFMAT for evaluating and determining various types of authorization requests for the Admissions Discharge and Transfer System (ADT) in a healthcare enterprise is described.
Keywords :
authorisation; health care; logic programming; medical administrative data processing; ADT; Admissions Discharge and Transfer System; DAFMAT; DTE; Dynamic Authorization Framework for Multiple Authorization Types; RBAC; context-based authorizations; dynamic type enforcement; emergency authorizations; healthcare application systems; logic-driven authorization engine; role-based access control; Access control; Application software; Authorization; Computer security; Data security; Databases; Engines; Medical services; NIST; Permission;
Conference_Titel :
Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual
Print_ISBN :
0-7695-1405-7
DOI :
10.1109/ACSAC.2001.991530
